FreeBSD Local Security Checks : FreeBSD Ports: tomcat55

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68942

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: tomcat55

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

tomcat55
tomcat6
tomcat7

CVE-2011-0013
Multiple cross-site scripting (XSS) vulnerabilities in the HTML
Manager Interface in Apache Software Foundation Tomcat 7.0 before
7.0.6, 5.5 before 5.5.32, and 6.0 before 6.0.30 allow remote attackers
to inject arbitrary web script or HTML, as demonstrated via the
display-name tag.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0013
1025026
http://www.securitytracker.com/id?1025026
20110205 [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability
http://www.securityfocus.com/archive/1/516209/30/90/threaded
43192
http://secunia.com/advisories/43192
45022
http://secunia.com/advisories/45022
46174
http://www.securityfocus.com/bid/46174
57126
http://secunia.com/advisories/57126
8093
http://securityreason.com/securityalert/8093
ADV-2011-0376
http://www.vupen.com/english/advisories/2011/0376
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
DSA-2160
http://www.debian.org/security/2011/dsa-2160
HPSBST02955
http://marc.info/?l=bugtraq&m=139344343412337&w=2
HPSBUX02645
http://marc.info/?l=bugtraq&m=130168502603566&w=2
HPSBUX02725
http://marc.info/?l=bugtraq&m=132215163318824&w=2
HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
MDVSA-2011:030
http://www.mandriva.com/security/advisories?name=MDVSA-2011:030
RHSA-2011:0791
http://www.redhat.com/support/errata/RHSA-2011-0791.html
RHSA-2011:0896
http://www.redhat.com/support/errata/RHSA-2011-0896.html
RHSA-2011:0897
http://www.redhat.com/support/errata/RHSA-2011-0897.html
RHSA-2011:1845
http://www.redhat.com/support/errata/RHSA-2011-1845.html
SSRT100627
SSRT101146
SUSE-SR:2011:005
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
http://support.apple.com/kb/HT5002
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html
http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32
http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_%28released_14_Jan_2011%29
https://bugzilla.redhat.com/show_bug.cgi?id=675786
oval:org.mitre.oval:def:12878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878
oval:org.mitre.oval:def:14945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945
oval:org.mitre.oval:def:19269
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68942
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: tomcat55
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: tomcat55 tomcat6 tomcat7 CVE-2011-0013 Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Software Foundation Tomcat 7.0 before 7.0.6, 5.5 before 5.5.32, and 6.0 before 6.0.30 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0013 1025026 http://www.securitytracker.com/id?1025026 20110205 [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability http://www.securityfocus.com/archive/1/516209/30/90/threaded 43192 http://secunia.com/advisories/43192 45022 http://secunia.com/advisories/45022 46174 http://www.securityfocus.com/bid/46174 57126 http://secunia.com/advisories/57126 8093 http://securityreason.com/securityalert/8093 ADV-2011-0376 http://www.vupen.com/english/advisories/2011/0376 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html DSA-2160 http://www.debian.org/security/2011/dsa-2160 HPSBST02955 http://marc.info/?l=bugtraq&m=139344343412337&w=2 HPSBUX02645 http://marc.info/?l=bugtraq&m=130168502603566&w=2 HPSBUX02725 http://marc.info/?l=bugtraq&m=132215163318824&w=2 HPSBUX02860 http://marc.info/?l=bugtraq&m=136485229118404&w=2 MDVSA-2011:030 http://www.mandriva.com/security/advisories?name=MDVSA-2011:030 RHSA-2011:0791 http://www.redhat.com/support/errata/RHSA-2011-0791.html RHSA-2011:0896 http://www.redhat.com/support/errata/RHSA-2011-0896.html RHSA-2011:0897 http://www.redhat.com/support/errata/RHSA-2011-0897.html RHSA-2011:1845 http://www.redhat.com/support/errata/RHSA-2011-1845.html SSRT100627 SSRT101146 SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html [tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E [tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/ https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E http://support.apple.com/kb/HT5002 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32 http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30 http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_%28released_14_Jan_2011%29 https://bugzilla.redhat.com/show_bug.cgi?id=675786 oval:org.mitre.oval:def:12878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12878 oval:org.mitre.oval:def:14945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14945 oval:org.mitre.oval:def:19269 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19269
Copyright	Copyright (C) 2011 E-Soft Inc.